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- The MAILING DATE of this communication appears on the cover sheet with the correspondence address -- 
Period for Reply 



A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) FROM 
THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1 .1 36(a). In no event, however, may a reply be timely filed 
after SIX (6) MONTHS from the mailing date of this communication. 

- If the period for reply specified above is less than thirty (30) days, a reply within the statutory minimum of thirty (30) days will be considered timely. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire SIX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after the mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1 )M Responsive to communication(s) filed on 26 January 2005 . 
2a)D This action is FINAL. 2b)^ This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 1 1, 453 O.G. 213. 

Disposition of Claims 

4) ^ Claim(s) 1-52 is/are pending in the application. 

4a) Of the above claim(s) 3-32,34-48 and 50-52 is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) ^ Claim(s) 1.2.33 and 49 is/are rejected. 

7) D Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)^ The drawing(s) filed on 11 April 2001 is/are: a)E3 accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1 .85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 1 )□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

12)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 19(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. D Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 



application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 




PRIMARY EfAMft'En 

Attachment(s) GROUP 51R0 

1 ) ^ Notice of References Cited (PTO-892) 4) □ Interview Summary (PTO-41 3) 

2) O Notice of Draftsperson's Patent Drawing Review (PTO-948) Paper No(s)/Mail Date. . 

3) ^ Information Disclosure Statement(s) (PTO-1449 or PTO/SB/08) 5) CI Notice of Informal Patent Application (PTO-152) 

Paper No(s)/Mail Date various . 6) CD Other; . 

U.S. Patent and Trademark Office ~ 

PTOL-326 (Rev. 1-04) Office Action Summary Part of Paper No./Mail Date 2005041 8 
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1 . Applicant's election with traverse of Species I (claims 1 ,2,33,49) in the reply filed 
on 1/26/2005 is acknowledged. The traversal is on the ground(s) that the examiner did 
not make a case that the application places a serious burden of examination on the 
examiner. The application contains 52 claims, 2 independent claims, and 10 species. 
This is not found persuasive because the presence of 10 species in and of itself places 
a serious burden of examination on the examiner. The 10 species are clearly not 
directed to the same subject matter, and hence are patentably distinct and place a 
significant burden on the examiner. If no significant burden were placed on the 
examiner with the presence of 10 species, then such may be indicative of claims that 
are not patentably distinct and obvious variants of one another. 

The requirement is still deemed proper and is therefore made FINAL. 

2. Claims 3-32,34-48,50-52 are withdrawn from further consideration pursuant to 37 
CFR 1.142(b), as being drawn to a nonelected species, there being no allowable 
generic or linking claim. Applicant timely traversed the restriction (election) requirement 
in the reply filed on 1/26/2005. 

DETAILED ACTION 

Claim Rejections r 35 USC § 102 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 

3. Claims 1,2,33,49 are rejected under 35 U.S. C. 102(e) as being anticipated by 
Giniger et al. (Giniger). 
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Per claim 1 , note that the patent sets forth a method for providing network 
services in the form of the VPN between the nodes (i.e. Figure 1 ) using at least one 
processor (at the management server 130, as servers have at least one processor) 
interfacing the base network (Internet 100). 

At the at least one processor (130) receiving information identifying a user 
authorized to administer a first processor (i.e. one of the edge devices 110), which is 
separate from the server processor, in which information is at least the username and 
password per column 14, lines 63+. This identifies the user be authenticated prior to 
receiving more configuration information. 

A base address that is routable through the Internet is received at the at least 
one processor, for example, per the column 14, lines 25-38 discussion of the external 
and local IP addresses for the edge devicel id from a DHCP server at the POP 220 or 
from management server 130, thus requiring that the base address be received at the 
server 130. 

Code and information for configuring the first processor (110) to interface the 
base network at the received base address is seen as the column 15, lines 4-7, 
receiving of additional configuration information, such as related to routing and security 
policies from the server (130), and such is thus provided at the management server 
(130) to the first processor (110) for configuring the first processor (110) via the base 
network. 
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Once the additional information is in place at the edge device (110), it is used to 
ultimately determine which other edge devices should be included via tunnels over the 
base network. 

The end result is the enabling of a direct tunnel between two edge devices (110) 
per the detection of edge devices (110) by the management server (130), such that the 
management server (130) determines which other edge devices (110) the detected 
edge device (110) should be connected via a tunnel (115) to be established. The tunnel 
ultimately established (115) is through the base network (100) and connects two edge 
devices (110) wherein a consent is presented to the management server (130) from 
each of the edge devices (110) [per the column 15, lines 8-42] via the commands to the 
edge devices to add the tunnel, as well as the generation/receiving of session keys from 
the management server (130). 

Per claim 2, a firewall is provided at Figure 8. Note that the centralized firewall 
830 maintains tunnels to edge/network devices and is centrally managed by the 
management server (130), hence being provided by the management server (130). By 
definition, a firewall selectively restricts information flowing through/from an edge device 
(1 10/810) and the base network (100), as such is pointed out at the top of column 17 
and the restricted access. 

Per claim 33, network services in the form of a VPN are provided, as discussed 

above. 

At least one site is provided at the management server (130) in the base network 
(100), wherein information is received in the form of the password and user name (i.e. 
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user information), as mentioned above. Code and other information is provided to the 
user in the form of the above mentioned additional configuration information for self 
configuring the edge device (110). The code is then executed with the result, as 
explained above, of a tunnel created between two edge devices under the auspices of 
the management server (130). Note that addresses, both local and external, per 
column 14, via the management server (130) or other methods. Per the use of the 
session keys, again under the auspices of the management server (130), a mutual 
consent is needed and detected in order to establish the desired tunnel between the 
edge devices (110). 

Per claim 49, the firewall (830) of Figure 8 is configured and controlled by the 
management server (130), which must have information about the edge devices in 
order for it to function as a firewall. 

Double Patenting 

4. The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. See In re Goodman, 1 1 
F.3d 1046, 29 USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 
USPQ 645 (Fed. Cir. 1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 
1982); In re Vogel, 422 F.2d 438, 164 USPQ 619 (CCPA 1970);and, In re Thorington, 
418 F.2d 528, 163 USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1 .321(c) may be 
used to overcome an actual or provisional rejection based on a nonstatutory double 
patenting ground provided the conflicting application or patent is shown to be commonly 
owned with this application. See 37 CFR 1 .130(b). 

Effective January 1 , 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 
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5. Claims 1 ,2,33,49 are provisionally rejected under the judicially created doctrine of 
obviousness-type double patenting as being unpatentable over claims 1-44 of 
copending Application No. 09/814179. Although the conflicting claims are not identical, 
they are not patentably distinct from each other because the co-pending claims, 
especially 10/12/13/21/22/23, set forth the additional, first and second processors; 
virtual addresses, establishes of tunnels, and mutual consent, with downloaded code. 
These are the same elements (obvious variants thereof) of the claims 1 ,2,33,49 under 
examination.. 

This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 

Conclusion 

6. The prior art made of record and not relied upon is considered pertinent to 
applicant's disclosure. Chen et al. set forth peer-to-peer 62 via VPN server 56 for the 
clients 20, as a result of other links 60,61 and 63. Poisson et al. set forth configuration 
information 118 and switches 100 with a direct tunnel resulting at 120 via the public 
network 104. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Fritz M Fleming whose telephone number is 571-272- 
4145. The examiner can normally be reached on M-F, 0600-1500. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Jeffrey Gaffin can be reached on 571-272-4146. The fax phone number for 
the organization where this application or proceeding is assigned is 703-872-9306. 
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Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). \j\ 



Fritz IwFleming 
Primary Examiner 
Art Unit 2182 
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